File name: ibm_fw_bcsw_110gup-7.4.6.0_anyos_noarch.chg
*****************************************************************
| |
| IBM 1/10Gb Uplink Ethernet Switch Module for IBM BladeCenter |
| Firmware Update |
| |
| Revision/Build ID: 7.4.6.0 |
| |
| (C) Copyright International Business Machines Corporation |
| January, 2010. All rights reserved. |
| |
| US Government Users Restricted Rights -- Use, duplication |
| or disclosure restricted by GSA ADP Schedule Contract with |
| IBM Corp. |
| |
| Updated <23 April 2014> |
*****************************************************************
FIRMWARE CHANGE HISTORY
-----------------------
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.6.0 (Released April 2014)
Enhancements:
None.
Changes:
None.
Fixes:
When switch is configured to reboot in stack mode from ISCLI with command "boot stack enable",
the user is not warned about the loss of configuration and the potential need to backup.
(XB222129)
A crash could occur at bootup because of a system lockup.
(XB269571)
Switch with CPLD Firmware Version older than 1.3 could fail to boot up properly due to I2C lockup.
(XB269574)
========================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.5.0 (Released November 2013)
Enhancements:
None.
Changes:
None.
Fixes:
- The swtich's management interface would become unreachable after an AMM failover event.
(XB221909)
- Upload of the swtich's configuration via the "/cfg/gtcfg" command
could fail with some configurations
(67490)
====================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.4.0 (Released July 2013)
Enhancements:
None.
Changes:
None.
Fixes:
- A Security vulnerability existed in the OSPFv2 Routing Protocol
that is used in IBM System Networking Ethernet Switches
(CVE-2013-0149).
====================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.3.0 (Released April 2013)
Enhancements:
None.
Changes:
None.
Fixes:
- A crash could occur when receiving sFlow packets.
(68842)
========================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.2.0 (Released January 2013)
Enhancements:
- Added the MAC Address Notification feature, which if enabled, will
send out a Syslog message when new addresses are learned, and when
existing entries in hardware are aged out.
User commands:
To enable, execute the "mac-address-table mac-notification"
command under the "interface port" menu.
To disable, execute the "no mac-address-table mac-notification"
command under the "interface port" menu.
Changes:
None.
Fixes:
- Enabling the sFLow feature could lead to a CPU packet-buffer leak
that over a prolonged period of time would eventually lead to a loss
of control-plane protocols that are dependent on the CPU, and an
inability to manage the switch (via Telnet, SSH, SNMP, etc.).
(57045)
- A crash would occur when booting if the "logging synchronous"
command was in the startup configuration.
(66885)
- FTP sessions established over an IPv6 interface could close
unexpectedly during data transfer.
(67076)
- Traffic traversing across an LACP trunk would be discarded after
changing the mode from Active to Passive.
(67023)
- All ports in an LACP trunk would be put into the Blocking state
after disabling Spanning Tree globally.
(66948)
- Enabling the sFLow feature could lead to a CPU packet-buffer leak
that over a prolonged period of time would eventually lead to a loss
of control-plane protocols that are dependent on the CPU, and an
inability to manage the switch (via Telnet, SSH, SNMP, etc.).
(63895)
=======================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.4.1.0 (Released November 2012)
New and Updated Features
========================
Debug enhancement
-----------------
Added debug commands to provide more detail than shown in current counters.
New commands will be added for LACP packets and spanning tree BPDU packets
Diff flash in iCLI
------------------
Provided a command in ISCLI to display the differences between the running
configuration and the saved configuration. This functionality is currently
available in IBMNOSCLI and should now be added to the ISCLI.
Expand support of ENTITY-MIB
----------------------------
Provided support for the entPhysical, entLogical and entAlias mibs defined
in RFC 2737 Entity MIB.
Host Resources MIB(RFC-1514)
----------------------------
Provided support for standards based HOST-RESOURCES-MIB defined in RFC 2790
allowing the switches to be managed by standard objectIDs. Host resources mib
defines a uniform set of objects to manage host devices that are independent
of the vendor, software or network capabilities. Implementation of the system
and interface groups is mandatory
LLDP to include vendor, model, OS information
---------------------------------------------
Enhanced the customer’s usage of LLDP provide the following changes: enable
LLDP by default, add the vendor, model # and operating system in the vendor s
pecific information contained in the LLDP packets. Support added for LLDP
device discovery and the switch to report this information in its LLDP
packets.
LLDP-MIB
--------
Supported the requirements in RFC 2863 to define LLDP-MIB for each IBM NOS
platform. Support added for each function that is supported by CLI’s LLDP.
Feature configuration supported in Blade CLI, ISCLI, BBI and SNMP.
SNMP and BBI Support for OSPFv3 and MLDv2
-----------------------------------------
IPSec feature was provided in 6.7 release but only in command line interfaces.
This release addded configuration and monitoring support
for MLDv2 via the BBI and SNMP interfaces.
Terminal-length 0 persistent
----------------------------
Provided Cisco-like commands for configuring the terminal length for CLI
sessions. The commands saved in the flash for persistency across resets.
Runtime option to change the terminal length for the current session without
affecting the saved configuration.
VMReady MAC Spoofing
---------------------
Provided MAC checking mechanism to prevent untrusted devices from spoofing the
MAC of a trusted device and gaining access to the VM network.
When MAC spoofing is enabled on an ESX server port virtual machines are only
allowed to use their assigned MAC address. MAC spoofing can be
configured to disable port, drop packets only from intruding MAC, only send a
log if MAC checking detects a VM transmitting with a different
MAC address than what is listed in VMware’s Vcenter.
====================================================================
IBM 1/10 Gb ESM Ethernet Switch Release 7.2.2.0 (Released April 2012)
Enhancements:
1) LLDP Stacking
LLDP protocol is currently supported in standalone mode. This feature is now
supported in stacked mode.
2) Local Preference
DMLT Local Preference feature is a new hashing scheme that applies only to the
distributed trunks in Stacking mode and its purpose is to protect the stack
link bandwidth by hashing/distributing the traffic over the trunk, only on the
those trunk’s links that are physically present on the packet’s ingress unit.
If the packet’s ingress unit does not have links in the trunk the hashing will
be done normally respecting the rest of the hashing rules that are active.
3) CPU MIB Enhancement
MIB objects are supported for all the information available in command “show
process cpu”.
4) Improved CPU Monitoring
CPU statistics should be improved to give granular utilization at intervals of
1 second, 5 seconds, 1minute and 5 minute. This information should be available
for the system as well as for each thread running in the system.
7) Process Monitoring
Dumping thread information for various threads in the system will be improved.
8) VM Ready Distributed Switch
Enhance Vmready to support VMware virtual Distributed switch.
Hypervisor versions supported: ESX 5.x and beyond.
In addition to enhancing existing Vmready features/commands to support vDS,
following are provided:
A mechanism to create vDS across a set of ESX servers
Allow ESX servers to be added to a VM group (new or existing) such that an
appropriate vDS is created on such ESX servers.
UI: BLADEOS CLI (AOS CLI), isCLI and BBI must be provided. SNMP MIBS are
provided for all the CLIs.
9) SYSLOG Logging Levels
Support for SYSLOG output on the console - managed by logging levels
10) MP Packet Logging
Enhancements to CPU Packet Logging:
More granularity to distinguish amongst various types of IPv4 packets
Statistics and logging for packets sent from the CPU also (previously
only statistics and logging of receieved packets was supported).
Ability to display the rate at which packets are received by the CPU.
============================================================================
1/10Gb ESM Release Version 6.8.6.0 (Released February 2012)
** Changes since the 6.8.5.0 release **
Enhancements:
None.
Changes:
None.
Fixes:
- Some multicast packets would be lost by existing IGMP receivers if
a new receiver registered for the same Group and VLAN, or a receiver
already registered for the same Group and Vlan would leave (due to a
Leave or a port-down event).
(44857)
- The switch would erroneously allow the configuration of a TACACS+
password greater than the maximum length of 32 characters.
(55007)
- A crash would occur if the "show running-config" command was issued
after a login notice greater than 1024 characters was previously configured
(55417)
- In Stacking mode, members of the Stack could become unreachable via
the AMM after a fail-over scenario.
(55824)
- The ARP database was not being updated upon Station Moves, resulting
in Layer-3 traffic not being re-routed to the new switch port.
(56437)
- Routed traffic would not resume after performing the "shut/no shut"
command sequence on active links
(56438)
- STP flapping could occur if receiving unregistered multicast traffic for
a VLAN configured with Flooding disabled, or Optimized Flooding enabled.
(56489, 56970) /* 6.8.5 for Janice */
- The "Total entries" parameter displayed via the "show ip igmp mrouter"
command was being double-counted if static multicast routers were
configured on Trunks.
(56788)
- In Stacking mode, any "interface port pvid" configuration commands
with PVIDs greater than 1024 would not be retained on the new
Master after a fail-over scenario.
(56913)
- Enabling the sFLow feature could lead to a CPU packet-buffer leak
that over a prolonged period of time would eventually lead to a loss
of control-plane protocols that are dependent on the CPU, and an
inability to manage the switch (via Telnet, SSH, SNMP, etc.).
(57045)
- In Stacking mode, rebooting the Master switch or a Member switch
could lead to incoherency between Layer-3 tables of the Master and
the Member(s), and ultimately a failure to route traffic.
(57179)
- Multicast routers previously learned via PIM Hello packets would not
expire after receiving PIM Hello packets updated with a new
multicast-router source-IP address.
(57249, 55588)
- A memory leak existed when receiving LLDP DCBX v1 packets, such that
over time could lead to complete memory exhaustion and eventual reset
by the Switch's Memory Monitor.
(57389)
- In Stacking mode, downloading a configuration file via the
"copy tftp active-config" command would fail silently, and
the active configuration would be erased from flash.
(57410)
- A crash could occur while processing invalid or unsupported LLDP DUs.
(57438)
- Enabling the sFLow feature could lead to a crash.
(58016)
============================================================================
1/10Gb ESM Release Version 6.8.5.0 (Released January 2012)
** Changes since the 6.8.1.0 release **
Enhancements:
None.
Changes:
- The LLDP "Port and Protocol VLAN ID" and "VLAN Name" optional TLVs
are now disabled by default.
(56041)
Fixes:
- In Stacking mode, high CPU utilization could occur on the Master switch
if IGMP Snooping was enabled, flooding was disabled, and a Member
switch was receiving unregistered multicast packets at a high rate.
(49750)
- A crash could occur after receiving an STP BPDU with an invalid
STG instance number.
(52947)
- The LACP protocol could "flap" while receiving IGMP Join packets
at a high rate.
(53371)
- In Stacking mode, the the Master switch could crash when the ARP
table became full while receiving ARP packets at a high rate.
(54863, 54868, 54878)
- Static Multicast routes were not removed from the IP Multicast table
after deleting them from the running configuration.
(54901)
- High CPU utilization could occur if IGMP packets were received while
IGMP was not configured and VLAN flooding was disabled.
(55647)
- In Stacking mode, the Master switch could crash during a reload
after changing the configured Stacking VLAN.
(55786)
- In Stacking mode, the Master switch could crash after removing a member
from the stack via the "no stack switch-number" command.
(55836)
- IP Multicast traffic in groups that had been learned via IGMPv3
Reports was no longer forwarded after a General Query was received
on the same port and the multicast groups had expired.
(55923)
- The switch was not being recognized as a Remote Device by Juniper
MX480 Routers when LLDP was enabled.
(56041)
- Momentary packet discards would occur within a VLAN when removing
ports from that VLAN.
(56304)
- The "Object Identifier" field in the outout of the "/i/l2/lldp/remodev"
command could sometimes appear garbled.
(56426)
- Using either of the "include", "exclude", "section", or "begin" CLI
filtering options with commands that require user confirmation to
proceed (e.g., "show tech" and "show counters") would result in a
hang of the terminal session
(56840)
- The SNMP 'altTeamingTriggerUp" and 'altTeamingTriggerDownTraps were
not included in the Enterprise MIB, resulting in the traps being
unrecognized by SNMP Management software.
(57311)
=========================================================
1/10Gb ESM Release version 6.8.1 (Released November 2011)
** Changes since the 6.7.3.0 release **
Enhancements:
1) Control Plane Protection
---------------------------
The switch’s internal control plane processes packets that are required for the internal state machines. This type of traffic is usually received at low rate. However, in some situations, such as DOS attacks,the switch may receive this traffic at a high rate. To prevent switch instability if the switch is unable to process a high rate of contol-plane traffic, the switch now supports CoPP. With CoPP, the administrator can assign control-plan traffic protocols to one of 48 queues, and can set bandwidth limits for each queue.
Any specific protocol can be assigned to only one queue, but multiple protocols can be assigned to share the same queue. Protocols that share a packet queue will also share the allocated bandwidth. Traffic in high-numbered queues is given priority.over that in low-numbered queues.
Note: These control-plane queues apply only to packets received by the software
and does not impact the regular switching or routing traffic.
2) DHCP Enhancements
--------------------
- DCHP Option 82:
DHCP Option 82 provides a mechanism for generating IP addresses based on the client device’s location in the network. This feature helps resolve several issues where untrusted hosts have access to the network (see RFC 3046). When this option is enabled on the switch, the DHCP relay agent inserts relay agent information option 82 in the packet, and sends a unicast BOOTP request packet to the DHCP server.
The DHCP server uses the option 82 field to assign an IP address. The switch strips off the option 82 field and sends the pack client.
- DHCP Snooping:
DHCP snooping provides security by filtering untrusted DHCP packets and by building and maintaining a DHCP snooping binding table. This feature is applicable only to IPv4 and only works in non-stacking mode.
An untrusted interface is a port that is configured to receive packets from outside the network or firewall.
A trusted interface receives packets only from within the network. By default, all ports are untrusted. The DHCP snooping binding table contains the MAC address, IP address, lease time, binding type, VLAN number, and port number that correspond to the local untrusted interface on the switch; it does not contain information regarding hosts interconnected with a trusted interface.
By default, DHCP snooping is disabled on all VLANs. To use DHCP snooping, you must turn the feature on, and then enable DHCP on one or more VLANs.
QoS Out-of-Profile Notification QoS metering can be configured to provide different levels of service to different data streams, based on ACL profiles. Meters yields In-Profile and Out-of-Profile traffic for each ACL, as follows:
• In-Profile–If there is no meter configured or if the packet conforms to the meter, the packet is classified as In-Profile.
• Out-of-Profile–If a meter is configured and the packet does not conform to the meter (exceeds the committed rate or maximum burst rate of the meter), the packet is classified as Out-of-Profile.
Note: Metering is not supported for IPv6 ACLs. All traffic matching an IPv6 ACL is considered in-profile for re-marking purposes.
3) STP Enhancements
-------------------
- Root Guard:
The root guard feature provides a way to enforce the root bridge placement in the network. It keeps a new device from becoming root and thereby forcing STP re-convergence. If a root-guard enabled port detects a root device, that port will be placed in a blocked state.
- Loop Guard:
In general, STP resolves redundant network topologies into loop-free topologies. The loop guard feature performs additional checking to detect loops that might not be found using Spanning Tree. STP loop guard ensures that a non-designated port does not become a designated port.
4) UDLD Automatic Port Recovery after errdisable
------------------------------------------------
New options have been added to the Unidirectional Link Detection (UDLD) feature.Using UDLD port recovery, if ports are disabled due to UDLD error detection, the switch will automatically attempt to reenabled them after a configured length of time.
Changes:
- SSH version 1 support has been discontinued. The 1/10Gb ESM now supports SSH version 2 only.
- Switch configuration changed made through the ISCLI are now recorded in the switch system log file.
========================================================
1/10Gb ESM Release version 6.7.3 (Released September 2011)
** Changes since the 6.7.2.0 release **
Enhancements:
- Improved the "port interface-counters" command to display all
possible reasons for Ingress and Egress packet discards.
(49111)
Changes:
- Added support for the agCurCfgTelnetAccess and agNewCfgTelnetAccess
SNMP objects.
(48953)
Fixes:
- The "ifHCOut Discards" counter was not being incremented on
egress ports during Head-of-Line Blocking (HoL) conditions.
(43784)
- Several port-level “maintenance” counters were displayed erroneously.
(43951)
- The switch would drop LLDP frames with IEEE 802.3 MAC/PHY Status TLVs
in which the auto-negotiation "not supported" and "enabled" bits were
both set.
(44331)
- Unable to disable flow control on ports with 1000Base-T SFPs.
(46258)
- If the “ifOut Discards” counter was incrementing on the first port
of the switch ASIC, the same counter would be aliased to all other
ports in the ASIC.
(48904)
- The RMON etherStatsDataSource object was returning incorrect
indices for physical ports.
(49312)
- Over a prolonged period of time, link flapping while the CPU is
forwarding packets to switch ports could inevitably lead to a loss
of control-plane protocols that are dependent on the CPU, and an
inability to manage the switch (via Telnet, SSH, SNMP, etc.).
(49996)
- After rebooting the servers, FCoE traffic (including PFC frames)
from the FCF could errantly be flooded to all Bridge ports,
creating a loop that would ultimately lead to FCF shutting itself
down (i.e., disabling the bridge ports).
(51353)
- The "show interface-rate command" would intermittently yield
inaccurate results.
(50305)
- The switch’s "uptime" value would wrap back to zero after
several weeks.
(52013)
- Crash on Master switch during reload of a Stack.
(53032)
-----------------------------------------------------------------
1/10 Gb ESM Switch Module Version 6.7.2.0 (Released July 2011)
** Changes since the 6.5.3 release **
Enhancements:
- Added support for the following IPv6 features for NIST USGv6 conformance
Multicast Listenet Discovery v1/v2,
Authentication/Confidentiality for OSPFv3 and
IPsec/IKev2 support.
- Added loopback interface support for integrating with routing protocols
BGP and OSPF.
- Added loopback interface as source IP address for the following protocols
SNMP trap, NTP, Syslog
and TACACS+.
- Added the LACP support by introducing 'minimum number of links
needed' configuration to form a LACP trunk.
- Added ISCLI output filtering capability using 'begin', 'include',
'exclude'
etc.
- Added optical input/output level information to 'show transceiver'
command output.
- Added 'if'(interface) statistics for trunk groups.
- Added support for user configurable buffers for L2/L3 chipset.
Changes:
- Default STP mode is now changed to PVRST+.
- In PVRST+ mode, new VLANs will now be automatically assigned a
Spanning tree
group ID. First 128 newly created VLANs will be
associated to an STG ID automatically. If more than 128 VLANs are
created they will be assigned to an STG ID 1.
- flooding options can be configured for at vlan's level and not
at IGMP's level and the functionality is available regardless
of
the IGMP's state.
- A new flooding option, optimized flooding, can be configured.
By default it is disabled. When enabled, optimized flooding config
avoids the packet loss during the learning period.
Fixes:
- Fixed an OS crash when trying to upgrade the boot kernel image using
SCP. (51080)
- In stacking mode some of the IGMP related config is lost after stack
master failback. (48515)
- OSPFv3: ecmp route is removed from hardware when shutdown a port from
a trunk (50221)
- Prevented change of configuration of mgmt STG 128. (50435)
======================================================================
Version 6.5.4.0 (Released May 2011)
** Fixes, changes, and enhancements since the 6.5.2.3 release **
Enhancements:
- Added a prompt for the local username and password when entering
via the TACACS "back door".
(45627)
- Removed prompting of the administrator password when changing the
password of a local user, when the user is already logged in via
TACACS authentication with administrator privilege.
(45628)
Changes:
- Converted the "stats/mp/pkt" command to a menu and added more
options to display packet counters and logs.
(37046)
- Added the ability to disable SSHv1 support via CLI, BBI, and SNMP.
Due to security concerns, SSHv1 is now disabled by default
(the default is now v2).
(43957)
- Optimized the “show mac-address-table static” command to prevent
long periods of terminal unresponsiveness when the number of
entries in the Forwarding Database (FDB) is large.
(44811)
- Removed the obsolete BBI configuration "DST for US", which had only
been retained for backward compatibility.
(48850)
- Added the ability to access the SNMP "lldpRemTable" table via the
"Time Mark", "Local Port", and "Index" indices.
(43158, 44088)
Fixes:
- Unable to configure flow-control parameters in a port channel when
any port in the port channel is down.
(40577)
- When a Virtual Machine (VM) was moved to another switch in a stacked
configuration, it was still displayed on the original port on the
source switch, and there was no notification that the VM had moved
or was no longer online.
(43419)
- Applying any layer-3 configuration change could result in an
alternate gateway becoming the active gateway.
(42700)
- The console would hang when continuous pings reached 65535 iterations.
(43845)
- In an OSPF topology, the preferred route for IGMP streams was via an
interface directly connected to a Multicast Router (mrouter).
In failover testing, the streams would be sent through an alternate
path via an IGMP relay as designed. Depending on the circumstances,
when the direct path to the mrouter was reestablished, the streams
would not be forwarded via preferred interface as expected, but
instead either continued to be forwarded via the alternate path,
or both paths simultaneously.
(43917, 43977)
- Several port-level “maintenance” counters were displayed erroneously.
(43951)
- When a port in a particular Spanning Tree Group (STG) went to the
DISCARDING state, IGMP mrouter information learned on VLANs not
belonging to that STG was errantly flushed from the hardware.
(44135)
- Unable to remove a VM Profile if the VM group had been previously
deleted using vCenter.
(44193)
- With IGMP Snooping enabled and flooding disabled, Layer-2 multicast
packets were being sent to the CPU instead of being flooded by
hardware as designed. This would result in dropping of these
packets if they arrived at the switch at a high rate.
(44216)
- The corruption of a buffer-management counter resulted in the
inability of the CPU to process Layer-3 packets.
(44306)
- When a port had the same IGMP group learned for all Relay VLANs,
multicast traffic for that IGMP group was not forwarded on all
the VLANs.
(44356)
- If STP was disabled globally and the previous STP mode was MSTP,
the managemet STG would not also get disabled as expected. The
side effect was that BPDUs were no longer flooded on internal ports
because they belonged to at least one STG (the management STG).
(44521)
- SSH sessions could be terminated while executing the
"show log message" command.
(44859)
- TACACS command authorization and logging was not working properly if
the number of parameters in the command exceeded two.
(44938, 44948)
- SNMP MIB walks would get stuck in an endless loop in the
"UdldInfoNeighborTable" object.
(45616)
- Default route entries were not being deleted after disabling the
default gateway of the associated interface. This would result in
Telnet/SSH sessions associated with the interface not being closed.
(46143)
- Unable to disable flow-control on internal ports.
(46258)
- With IGMP Snooping enabled, forwarded IGMP Query messages were
being malformed.
(46369)
- When a static Mrouter is configured over a static portchannel,
failover/failback would not occur if a port in the trunk
experienced a link-state change.
(46764)
- In a Stacked environment, generating Syslog messages that reference
a long list of ports (e.g., while making a change in a large configs)
could cause a crash of the Master switch.
(47593)
- RIPv2 Triggered Updates were not being sent after a link failure or
upon disabling a RIP interface.
(46806)
- After a master failover in a stacked topology, STP could converge on
the new master faster than trunk ports could be reprogrammed,
leading to a condition where the ports were blocked in hardware,
but STP saw the ports as forwarding.
(47640)
- RMON traps were being sent with the default community string
(i.e., "public") instead of the user-configured community string.
(48020)
- If the “ifOut Discards” counter was incrementing on the first port
of the switch ASIC, the same counter would be aliased to all other
ports in the ASIC.
(48904)
============================================================
1/10Gb Uplink Ethernet Switch Module Version 6.5.2.3 (Released October 2010)
Enhancement:
None
Changes:
- removed PIM (43979)
Fixed:
- In AMM without EIPAA (IPv6) support, High CPU load when receiving line rate of IPMC with ttl=1 packets in IGMP snooping with do not flood unknown IPMC and send unknown IPMC to cpu. (43384)
- Unable to process >500 joins in the flood disabled and 'ip igmp cpu' enabled when sending IPMC traffic first followed by sending
IGMP joins later. (44029)
==============================================================
1/10Gb Uplink Ethernet Switch Module Version 6.5.2.0 (Released October 2010)
Enhancement:
- Added the ability to display the best route in the output of the "show ip route address" command even when the specified address does not already exist in the route table.(41386)
Changes:
- Added missing descriptions for LACP Informational Tables in the Enterprise MIB. (42203)
- changed default flow control to off for all external ports (43781)
Fixed:
- Can not see a LACP trunk aggr by aggregation ID (43067)
- OSPF Adjacencies were momentarily lost for all neighbors if the BGP AS number was changed via the "router bgp as" configuration command. (41670)
- Static routes were lost after bringing link down/up multiple times. (42008)
- When a BGP route was learned, and its next-hop matched a statically-configured route, an additional static route was displayed in the isCLI configuration dump. (42376)
- The description of the ecmpGatewayUp and ecmpGatewayDown SNMP traps were inconsistent with the MIB, making the traps unrecognizable by the MIB browser. (42442)
- SSH connections would hang if TACACS+ was enabled, "clog" or "cauth" were enabled, and the user logged via backdoor and executed a command. (42672)
- Disabling flow control on the management ports ("mgmt1", "mgmt2") is not allowed, but was not being blocked in isCLI mode. (43247)
- SNMP MIB walks were failing on the agPortCurCfgUdld object.
(43696)
- The PortID and DeviceID TLVs in UDLD PDUs were being formatted
incorrectly, causing the upstream Cisco router to falsely dtect a unidirectional link then disable the port. (43699)
- The Source-specific BGP packet filter was programmed with an
incorrect rule, causing all TCP data packets to be sent to the CPU. (43757)
- Crash would occur if more than 100+ OSPF interfaces enabled (43570)
- SNMP walk/getnext fails after stackBootCurState (43161)
- OSPF DRouters doesn’t process OSPF packets with DIP 224.0.0.6 (43333)
- High CPU load when receiving line rate of IPMC with ttl=1 packets in IGMP snooping with do not flood unknown IPMC and send unknown IPMC to cpu. (43384)
===============================================
1/10Gb Uplink Ethernet Switch Module Version 6.5.1.0 (Released September 2010)
Enhancement:
NIST IPv6 Basic & Addressing support
RFC5095 Deprecation of Type 0 Routing Headers in IPv6
RFC4443 Internet Control Message Protocol (ICMPv6)
RFC 4861 Neighbor Discovery (ND) for IPv6
RFC 4291, IPv6 Addressing Architecture
RFC 4007 Scoped Address Architecture
RFC2711 IPv6 Router Alert Option
RFC3879 Deprecating Site Local Addresses
RFC3484 Default Address Selection for IPv6
RFC1981 path mtu discovery
RFC2526 Reserved IPv6 Subnet Anycast Addresses
RFC 4862 IPv6 Stateless Address Autoconfiguration
RFC 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers
SNMPv3
RFC 3411 SNMP v3 Management Framework
RFC 3412 SNMP Message Process and Dispatch
RFC 3413 SNMP Applications
RFC3414 User-based Security Model for SNMPv3
RFC 4293 Management Information Base (MIB) for IP
RFC 4292 IP Forwarding Table
RFC3289 MIB For the Differentiated Services Architecture also in DiffServ Section
RFC2474 DiffServ
VMReady 1K groups
Multiple Bootp Relay
porting CPU packet logging
PIM SM/DM
PIM DR priority
PIM neighbor filter
BGP 4bytes ASN compatible
BGP MD5 authentication
Changes
- ACL-Mirroring feature is missing (41639)
- iSCLI Fully Qualified TFTP download is mssing (42518)
Fixed
- Switch crashes when user tries to view NBR cache in BBI (Configure -> Layer 3 -> NBR).(41079)
- Switch does not forward Cisco CDP packets. (41100)
- Switch crashes when user opens several telnet connections through data interfaces. (41543)
- Traffic flooding at master/backup transition in a stack with a static trunk contains both master & backup to an uplink switch. (41601)
- Continuous errors (Out of memory) appear after connecting a switch stack with a Cisco. (41612)
- After changing switch unit number in stack, management interface cannot be accessed. (42247)
- Switch crashes when user enters an invalid string in url in the following pages: Layer 2 - Failover and Hotlinks, Virtualization - VM Group General. (42367)
- Switch crashes on displaying OSPF neighbor while disabling the OSPF on the other switch. (42375)
- Port-mirroring fails for IN direction after changing monitor and mirror ports several times. (42391)
- Convergence time for pvrst failover is 30 seconds and disrupting ping traffic. (42617)
- Enabling a range of ports crashes the switch if BPDUs received by any ports in that range belong to the VLAN which is STP off. (43059)
========================================
Version 6.3.3.0 (Released September 2010)
Enhancements:
None.
Changes:
- Added the "no prompting" option to isCLI (equivalent of "verbose 0"
in BladeOS CLI).
(40865)
Fixes:
- Unable to make changes to a trunk's parameters (e.g., flow control)
via the "interface portchannel " command if member ports'
parameters (e.g., link state) are different. This is now accomplished
via the new "interface portchannel lacp " command.
(40577)
- OSPF adjacencies flapped when OSPF configuration changes were made.
(40610)
- Configuration validation of "ip route" and "ip gateway" commands
could fail while upgrading from the 5.2.1.1 release to a 6.3.x
release, resulting in loss of the startup configuration.
(40617)
- Telnet connections would not close completely when exiting a session
from SecureCRT.
(40669)
- Configuration scripts created in older releases were not accepted
in newer releases.
(40181, 40727)
- OSPF adjacencies would be lost on all areas when enabling and
disabling authentication on an area where no interface is
configured and no neighbor is learned.
(40748)
- 0.5-meter DAC cables are displayed as "LB" when issuing the
"show interface transceiver" command.
(40781)
- OSPF host addresses were not being relearned from the second path
when the first path failed.
(40831)
- With MSTP enabled and an interface associated with a VLAN that has
just one port "up", disabling spanning-tree (CIST) on the port then
shutting down the port would lead to a condition where the IP
interface still appeared to be up.
(40836)
- Crash could occur in some instances when downloading a configuration
file via SCP and using the PSCP client.
(40900)
- Static routes might not be updated in the Switch ASIC if the gateway
became unreachable.
(40947)
- Configuring OSPF to redistribute fixed routes would not take effect
without restarting OSPF.
(40971)
- When adding a mgmt network definition, existing Telnet/SSH users
would be ejected, even if they had connected from a trusted network.
(41075)
- Terminal sessions could become unusable if an idle timeout occured
while the CLI is waiting for user input.
(41560)
- Crash when receiving self-originated LSAs where the Advertising
Router and Link State ID specified in the packet were different.
(41734)
- The ifHCInOctets and ifHCOutOctets 64-bit interface counters were
wrapping after just 32 bits.
(41780)
- PVST can take up to 30 seconds to converge.
(41899)
- Crash when receiving LLDP packets with management-address TLV.
(41998)
- Time zones for Sweden, Switzerland, and Turkey were being set incorrectly.
(42023)
- The ifDescr, ifName, and ifAlias SNMP objects were inadvertently
changed to be inconsistent with the product definition.
(42124)
- The description of the ecmpGatewayUp and ecmpGatewayDown SNMP traps
were inconsistent with the MIB, making the traps unrecognizable by
the MIB browser.
(42442)
- Console could hang when issuing the "show counters" command.
(42611)
=====================================
Version 6.3.1.1 (Released April 2010)
Enhancements:
- Added Stacking support, including the following:
- stacking of up to eight switches
- Sub-second stack link failover
- VMready
- LACP and Static Port Trunks
- IGMP v1/v2 Snooping with upto 2K unique(Group, VLAN, Port) entries
- ACLs
- Port Mirroring
- BPDU Guard
- Uplink Failure Detection
- Static IP Routing: 128 Static IP routes
- STP, RSTP, PVRST+
- Hotlinks
- Private VLAN Edge
- RADIUS
- VMready
- TACACS+
- NTP Client
- BPDU Guard
- DNS Client
- Netboot (Config File)
- BOOTP Relay
- VLAN 802.1Q
- 8021.x
- QoS
- SNMP
- SSHv2
- Added support for OSPFv3 IPv6 routing
- Added Active Multi-Path Protocol (AMP)
- Improved IPv4/IPv6 integration with AMM
- Automatic address configuration
- IPv4 : DHCPv4
- IPv6 : Stateless Auto-Configuration (SAC)
DHCPv6 Stateful Configuration (DHCPv6)
- Manual address configuration
- IPv4 : static
- IPv6 : manual
- Support for multiple address modes
- Added support for better traffic distrubution by improving the Trunk Hashing (RTAG7)
- Added support for up to 2K IGMP v1/v2/v3 groups :2K Unique (Group, VLAN)
- Added "Shift-B" to the Boot menu
Fixes:
- Standard MIB for port speed doesn't return proper value
(40018)
- Gratuitous arp causes switch to stop forwarding traffic at L3
(40424)
- snmpmibwalk returns the wrong value of MTU on interfaces
(40365)
- Stop routing the packets after the topology has changed
(40310)
- After master failback, failover control ports on the backup and member
switches have link down
(40524)
- - - - - - - - - - - - - - - - - -
Version 5.1.3.0 (Released December 2009)
Fixes:
- Fixed an issue in isCLI mode where the Switch would crash when
pasting an OSPF-specific configuration to the console.
(35320)
- Fixed the ability to fall back to the secure-backdoor login if
the configured Radius or TACACS server was unreachable (resulting
in the inability to manage the Switch).
(36515)
- Fixed an issue where if Loopback Interfaces were created while IP
forwarding was off, then IP forwarding was turned back on, routes
would not be installed in hardware.
(36546)
- Fixed an issue where clicking on some links of the BBI interface
produced no result. For these links, only clicking on the adjacent
folder icon would direct the user to the underlying page.
(36689)
- Fixed support for multi-line banner in isCLI.
(30746)
- Fixed an issue where the configured Management IP address is lost
when changing from the BladeOS CLI to the isCLI.
(31844)
- Fixed a memory issue that occurred while handling SNMP GetRequests
for MAC entries in the Layer-2 FDB table.
(32485)
- Fixed an issue where the switch would drop IPMC traffic if more than
one Multicast Router (Mrouter) was detected on the same port, trunk,
or VLAN.
(33598)
- Fixed an issue where throughput was significantly reduced when the
switch was in Ingress Back Pressure Flow-Control Mode (IBP), leading
to packets being discarded by the switch. This issue did not exist
in the (default) End-To-End Flow-Control Mode (E2E).
(34968)
- Added the ability to configure multiple Management VLANs for support
of the AMM's CIN and SOL features.
(21361)
- Moved the "no ip routing" command to a position after the VLAN
section in the config dump, so that copy/pasted configurations
are executed in the proper order when booting into isCLI mode.
(30038)
- Added support for sending SNMP Traps when temperature thresholds are
exceeded.
(30182)
- Fixed Daylight Savings Time dates for the Asia/Israel time zones.
(30259)
- Added the configuration of ECMP hash algorithms to isCLI.
(22049,30940)
- Fixed a MIB compile error in the portOperDot1xTable object.
This error occurred when using the MG-Soft SNMP tool.
(30963,31094)
- Fixed an issue where Gateway Per-VLAN configuration files could not
be applied when the files were downloaded from an FTP/TFTP server.
(32341)
- Fixed an issue that prevented configuring the port-mirroring feature
from monitoring a tagged port onto a untagged port.
(32490)
- Changed the ifName object in the IF-MIB to always return the actual
port name instead of a port alias.
(32603)
- Added support for creating passwords of up to 128 characters long.
(32919)
- Fixed an issue where the AdventNet MIB browser would intermittently
fail to pull in the sysDescr object when SNMPv3 was used.
(33124)
- Fixed an issue where when using SNMPv3, the configured destination
trap port was not being used when the trap was sent (the destination
trap port in the SNMP packet was always sent as 162).
(33506)
- Added the display of any learned multicast-routers (Mrouters) to the
output of the "/info/l3/igmp/mrouter" command.
(33714)
- Added Syslog notifications for multicast-router (Mrouter) election
changes.
(33715)
- Fixed an issue where the SNMP link-up/down traps were being sent
with the physical port number instead of the proper ifIndex value.
Ports should be represented as an ifIndex, starting just above the
highest supported IP interface (i.e., 128 for the GbESM).
(34249)
- Fixed an issue where the isCLI "copy running startup" command
did not automatically save to the "backup" location.
(34277)
- The syntax of the “failover trigger 1 amon admin-key xxx” isCLI
command was changed to “failover trigger 1 amon adminkey xxx”.
(34884)
- - - - - - - - - - - - - - - - - -
Version 1.0.1.0 (Released June 2008)
- Initial Product Release